REMARKS 



In the current and final Office Action, claims 1-25, 37-45, and 49-56 were 
examined. 

Claims 1-25, 37-45, and 49-56 were rejected. 
Specifically: 

Claims 1-25, 37-45, and 49-56 were "rejected under 35 U.S.C. 102(b) 
as being anticipated by Gong (WO 99/30217)." 



Of pending claims 1-25, 37-45, and 49-56, six (6) claims 1, 24, 25, 37, 49, 
and 53 are independent. These six independent claims 1, 24, 25, 37, 49, and 53 are 
addressed below. 
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I. It is respectfully submitted that Gong does not anticipate (or render 
obvious) independent claim L 24, 25, or 37. 

A. Gong focuses on granularity that is realized with a one-to-one 
correspondence. 

By way of example, Gong identifies "granularity" as an advantage. (WO 
99/30217, Page 12, Lines 25-37.) As further evidence, "Domain Mapper 248" maps 
"Object 262" and/or "Class 260" with a single "Protection Domain Object 282" as 
indicated by the dashed arrows in Figure 2. ( See , also, WO 99/30217, Page 12, 
Lines 21-24.) Additionally, a single "Protection Domain" is established for each 
"received class". (Figure 4, Steps 406 and 420, and related text.) Furthermore, each 
object "a", "b", and "c" on "CaUing Stack 610" is associated with a single 
"Protection Domain". (Figure 6, "Calling Stack 610" and "Security Policy", and 
related text.) 

The current Office Action reads on page 3 (as part of paragraph #3 that 
begins on page 2), at the last sentence of the first (partial) paragraph, "The 'code 
group' is met by protection domain." 

Thus, it appears that the Office is attempting to assert a correspondence 
between "protection domain" fi-om Gong and code groups of claims 1, 24, 25, and 
37. 

Even assuming, arguendo, that it is legitimate to draw a correspondence 
between "protection domain" and code groups, Gong only describes a one-to-one 
correspondence between (i) each "protection domain object 282" and (ii) each code 
piece and/or object class of Gong. Consequently, Gong cannot describe evaluating 
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with respect to multiple "protection domain objects 282" or generating any 
permission information in relation to multiple "protection domain objects 282" for 
one code piece or object class. 

B. Thus, no art of record, either alone or in any combination, 
anticipates or renders obvious at least the following elements in conjunction 
with the other elements of their respective claims: 

Claim 1: evaluating the evidence relative to the code groups to 
determine membership of the code assembly in two or more of 
the code groups . . . generating the permission grant set based 
on two or more code-group permission sets, each code-group 
permission set of the two or more code-group permission sets 
being associated with a code group in which the code assembly 
is a member. 

Claim 24: evaluating the evidence relative to the code groups to 
determine membership of the code assembly in two or more of 
the code groups . . . generating the permission grant set based 
on two or more code-group permission sets, each code-group 
permission set of the two or more code-group permission sets 
being associated with a code group in which the code assembly 
is a member. 

Claim 25: evaluating the evidence relative to the code groups to 
determine membership of the code assembly in two or more of 
the code groups . . . generating the permission grant set based 
on two or more code-group permission sets, each code-group 
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permission set of the two or more code-group permission sets 
being associated with a code group in which the code assembly 
is a member. 

Claim 37: evaluating the evidence set relative to the code group 
collection to determine membership of the code assembly in 
two or more code groups of the code group collection . . . 
generating the permission grant set based on two or more 
code-group permission sets, each code-group permission set of 
the two or more code-group permission sets being associated 
with a code group in which the code assembly is a member. 
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IL It is respectfully submitted that Gong does not anticipate (or render 
obvious) independent claim 49 or 53. 

A. Gong does not address verification in any relationship with 
permission rights. 

By way of example, it appears that Gong addresses verification in only one 
paragraph: 

A class may be associated with the digital signature associated with the file 
used to transport code defining the class, or the class definition of the class may be 
specifically associated with a digital signature. A class that is associated with a 
valid digital signature is referred to as being signed. Valid digital signatures are 
digital signatures that can be verified by known keys stored in a database. If a class 
is associated with a digital signature which can not be verified, or the class is not 
associated with any digital signature, the class is referred to as being unsigned. 
Unsigned classes may be associated with a default key. A key may be associated 
with a name, which may be used to look up the key in the database. 

(WO 99/30217, Page 8, Lines 28-35.) 

Thus, Gong does not address verification in any relationship with permission 
rights, much less in a contingency relationship. 

Moreover, the current Office Action reads on page 5, at paragraph #10 in 
pertinent part, "The limitation 'determining whether the code assembly may be 
executed despite the verification failure' is met by block 428 in Fig. 4." However, 
block 428 of Gong reads, "Establish Mapping of Class to Protection Domain?". 
Step 428 is described in the text of Gong on page 12 at lines 21-24. This text is not 
related to the verification passage on page 8 of Gong, as reproduced above. 

Consequently, Gong cannot describe any verification in relationship to 
permission rights, much less in a contingency determination relationship. 
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B. Thus, no art of record, either alone or in any combination, 
anticipates or renders obvious at least the following elements in conjunction 
with the other elements of their respective claims: 

Claim 49: evaluating the evidence relative to the security policy . . . 
performing verification on the code assembly . . . detecting a 
verification failure of the code assembly in the operation of 
performing verification . . • determining whether the code 
assembly may be executed despite the verification failure^ 
responsive to the evaluating operation. 
Claim 53: generating a permission grant set, responsive to the 
evaluating operation . . . determining based on the permission 
grant set that a step of a verification process is unnecessary . . . 
communicating to a verification module that the step of the 
verification process may be bypassed . • . performing the 
verification process on the code assembly with the verification 
module • . . bypassing the step of the verification process^ 
responsive to the communicating operation. 
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III. It is respectfully submitted that Gong does not anticipate (or render 
obvious) dependent claims 2-23. 38-45, 50-52 and 54-56. 



Reasons for the allowability of independent claims 1, 37, 49, and 53 have 
been provided above. Claims 2-23, 38-45, 50-52 and 54-56 depend from these 
independent claims 1, 37, 49, and 53, respectively. 

Each dependent claim also includes additional element(s) militating tov^ard 
allov^ability. For example, certain claims (e.g., claims 10-16 and 40-42) recite 
element(s) directed to a policy level. It is noted that Gong does not describe or 
suggest policy level as claimed. 

Nevertheless, it is also respectfully submitted that the dependent claims are 
allowable at least for the reasons given above in connection with their respective 
independent claims. 
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CONCLUSION 



It is respectfully submitted that all of the pending claims 1-25, 37-45, and 
49-56 are allowable, and prompt action to that end is hereby requested. 

Respectfully Submitted, 

Date: ^/^MOOS By: 




Keith W. Saunders 
Reg. No. 41,462 
(509) 324-9256 x238 
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